DOCSLIB.ORG

Cyber Security Research Institute Report Into the Internet of Things

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber Security Research Institute Report Into the Internet of Things PINNING DOWN THE IOT Cyber Security Research Institute report into the Internet of Things Sponsored by F-Secure CONTENTS Executive Summary .............................................................................................................................. 3 Introduction ........................................................................................................................................... 5 The pervasiveness of the new Internet of Things .............................................................................. 7 The Connected Home .......................................................................................................................... 9 The consumer reaction ....................................................................................................................... 14 Coping with an ageing population ....................................................................................................................... 14 IoMe and the IOWT: The Internet of Me and the Internet of Women Things .............................. 16 The overwhelming case for regulation .............................................................................................. 18 The regulator’s digital knowledge gap ............................................................................................... 20 The push for regulation ...................................................................................................................... 20 Summary ................................................................................................................................................ 21 Culture ...................................................................................................................................................................... 21 Taking back control ................................................................................................................................................. 21 Appropriate use ....................................................................................................................................................... 22 Education ................................................................................................................................................................ 22 Responsibility .......................................................................................................................................................... 23 PINNING DOWN THE IOT 2 EXECUTIVE SUMMARY In its current form the Internet of Things (IoT) represents Zigbee and Z-Wave and use those networks to link to other a considerable threat to consumers, due to inadequate devices, such as computers, handheld appliances and mobile regulations regarding its security and use. phones. In many cases, the adoption of the technology is being driven Among the interviewees, there was a widespread belief that by businesses eager to gain valuable data from citizens, with many IoT devices would go unprotected because consumers little concern for their privacy or the protection of that data. do not know how to change the manufacturers’ default security settings. The drive to be the first to market has meant Over the next two years, the number of IoT devices entering that many manufacturers have not even considered the households is predicted to climb steeply from 9 devices per security implications of their devices. They have either not household currently, to 500 by 2022 according to the research built appropriate security measures, use inadequate measures house Gartner1, with IoT connectivity being bundled into or, in some cases, provide no settings at all to change. This products whether people want it or not. Some of the experts situation could create an even more frightening scenario than interviewed for this report such as Mikko Hypponen, chief the UK tabloid newspapers’ “phone hacking” scandal, due to a research officer for the cyber security company F-Secure, massive adoption of insecure IoT devices. which sponsored this report, said that in the future, devices without IoT capabilities may be more expensive because they'll lack data that can be harvested by manufacturers. Another significant concern highlighted by our research was "Personal data from the the problem of long, deliberately unwieldy and confusing connected home will terms and conditions associated with the use of devices that give the manufacturer the right to collect private data and often be bought and control of how its device is being used. sold, as the result of a Earlier this year the US manufacturer I-Robot’s CEO Colin lack of awareness among Angle suggested that the manufacturer may begin to sell the floor plans of houses which its robot vacuum cleaners had consumers about what the compiled to Amazon, Apple or Alphabet, parent company of Google. The three companies did not comment on I-Robot’s IoT is and what it does." suggestion. But I-Robot’s stock price soared from $35 to $102 when Angle suggested the possibility in a Reuters interview in June. Of even greater concern is the potential for IoT devices to be turned into eavesdropping mechanisms that can hear and see All of the analysts consulted pointed out that personal data what is going on wherever they have been deployed. Online from the connected home will often be bought and sold criminals could even access and control biometric data, such with consumers largely remaining oblivious to potential as fingerprints, voices and facial images stored as digital data. implications. Numerous cases have already emerged of webcams being According to all of those interviewed, this lack of awareness hacked on computers and mobile phones in order to spy will also result in significant security risks to individuals, since on their owners.2 Other IoT devices, such as smart meters, IoT devices with limited security will easily connect to home may reveal if people are in their homes by monitoring which WiFi networks and other radio protocols such as Bluetooth, appliances are being used and which rooms are being heated. 1 https://www.gartner.com/newsroom/id/2839717 2 https://null-byte.wonderhowto.com/how-to/hack-like-pro-secretly-hack-into-switch-on-watch-anyones-webcam-remotely-0142514 https://globalnews.ca/news/2158281/what-you-need-to-know-about-webcam-hacking-and-how-to-prevent-it https://us.norton.com/internetsecurity-malware-webcam-hacking.html https://www.geek.com/tech/mark-zuckerberg-tapes-up-his-webcam-and-snowden-says-you-should-too-1659083 https://www.theguardian.com/world/2016/jun/06/surveillance-camera-laptop-smartphone-cover-tape PINNING DOWN THE IOT 3 A recent example of this was the Mirai botnet which used IoT “The drive to be the first devices, such as web and CCTV cameras and routers, to carry out attacks on a number of internet-based businesses and to market has meant some internet service providers. that many manufacturers Many of those industry figures involved in the development have not even considered of the IoT interviewed for this report felt that the IoT industry is aware of the security issues surrounding the technology. the security implications Meanwhile there were resounding calls for regulation of the of their devices.” technology from all of the experts we consulted. For the purposes of this report, the authors interviewed politicians, a senior police officer, cyber security specialists, One other great danger from this explosion of poorly- industry analysts, think tank observers and industry figures protected connected objects is the potential for internet involved in developing technology for the IoT. instability. Already, hacking groups have proved themselves adept at using readily available analysis tools, such as Shodan, to discover flaws in particular devices and turn them into botnets. Hackers have already created their own search systems and exploited the freemium models of other IoT search systems. PINNING DOWN THE IOT 4 INTRODUCTION For the average consumer, the Internet of Things may be a “We would know when things needed replacing, repairing or new concept, but it has been with us for a number of years. recalling and whether they were fresh or past their best. The Internet of Things has the potential to change the world.” Used to connect everything from toasters in Japan, elephants in Kenya, sheep in Scotland, fridges in Korea, lamps in the US, Smartness and efficiency will become the catchphrases of the buildings in Germany and clothes and furniture in Scandinavia, age. Smart phones, smart watches, smart cities, smart houses the IoT is seen as the biggest trend in tech. The latest in chip- – even smart bras, pants, pills and tampons are the new chic. objects of desire. By using wireless networks, light waves, sound waves or hard- All of our devices will be talking to each other in a blizzard of wired connections we will be able to connect everything to data that will rapidly outpace us. According to the US telecoms the internet: computers; cars; mobile phones; food; fields; giant Cisco, by 2020 machine-generated data will exceed animals; roads; plants; planes; park benches; and people. the traffic generated by people as the sensors, servers and computers collect information from us and share it amongst We will be able to put sensors into everything, and those themselves.4 sensors will generate more and more data about us and our world. According to the computer multinational IBM, in 2016 we generated more data than we have in all the previous
Load more

Recommended publications
  • Newcomers' Welcome Pack
    Newcomers’ Welcome Pack If you would like someone from the Hursley Village Community Association to get in contact personally to talk about the village or introduce you to a few neighbours over a cup of tea (or similar) contact the HVCA (see page 2). We don’t want to be pushy but we do want you to feel welcome! Welcome to your new home and community! Contents Introduction to key groups in the village 2 Hursley Village Community Association 2 The Church: All Saints’ (Church of England) 2 The School: John Keble Primary School 3 The Parish Council 4 The Parish Hall 4 The Shops 4 The Pubs 5 A brief history of Hursley 6 Things you might want to get involved with 9 Annual Calendar of Events 9 The Annual Newcomers Lunch hosted by the HVCA 9 Clubs and Associations 10 Keeping updated 11 Some useful local contacts 12 Some travel directions 14 Note: Not everything in this pack is entirely up-to-date or complete but it should point you in the right direction. If you find something in error, or have constructive suggestions, please contact Steve Powell (9 Heathcote Place, or [email protected]) with corrections. Welcome Pack Introduction to key groups in the village Hursley Village Community Association CHAIRMAN: Richard Baker (01962 775469) EMAIL: [email protected] Hursley Village Community Association (HVCA) was formed in April 2014 and is intended to be a way of bringing together people of all ages, interests and backgrounds to work in a community-spirited, non-political way. Hursley village is a great place to live.
    [Show full text]
  • Sejarah Perkembangan Dan Kemajuan the International Bussines Machines
    SEJARAH PERKEMBANGAN DAN KEMAJUAN THE INTERNATIONAL BUSSINES MACHINES Oleh : ANGGARA WISNU PUTRA 1211011018 CIPTA AJENG PRATIWI 1211011034 DERI KURNIAWAN 1211011040 FEBY GIPANTIUS ZAMA 1211011062 NOVITA LIANA SARI 1211011118 RAMA AGUSTINA 1211011128 FAKULTAS EKONOMI DAN BISNIS UNIVERSITAS LAMPUNG BANDAR LAMPUNG 2014 BAB II PEMBAHASAN 2.1 Sejarah berdirinya THE INTERNATIONAL BUSSINES MACHINES (IBM) 1880—1929 Pada tahun 1880-an, beberapa teknologi yang akan menjadi bisnis IBM ditemukan. Julius E. Pitrap menemukan timbangan komputer pada tahun 1885. Alexander Dey menemukan dial recorder tahun 1888. Herman Hollerith menemukan Electric Tabulating Machine 1989 dan pada tahun yang sama Williard Bundy menemukan alat untuk mengukur waktu kerja karyawan. Pada 16 Juni 1911, teknologi-teknologi tersebut dan perusahaan yang memilikinya digabungkan oleh Charles Ranlett Flint dan membentuk Computing Tabulating Recording Company (CTR). Perusahaan yang berbasis di New York ini memiliki 1.300 karyawan dan area perkantoran serta pabrik di Endicott dan Binghamton, New York; Dayton, Ohio; Detroit, Michigan; Washington, D.C.; dan Toronto, Ontario. CTR memproduksi dan menjual berbagai macam jenis mesin mulai dari timbangan komersial hingga pengukur waktu kerja. Pada tahun 1914, Flint merekrut Thomas J. Watson, Sr., dari National Cash Register Company, untuk membantunya memimpin perusahaan. Watson menciptakan slogan, ―THINK‖, yang segera menjadi mantra bagi karyawan CTR. Dalam waktu 11 bulan setelah bergabung, Watson menjadi presiden dari CTR. Perusahaan memfokuskan diri pada penyediaan solusi penghitungan dalam skala besar untuk bisnis. Selama empat tahun pertama kepemimpinannya, Watson sukses meningkatkan pendapatan hingga lebih dari dua kali lipat dan mencapai $9 juta. Ia juga sukses mengembangkan sayap ke Eropa, Amerika Selatan, Asia, dan Australia. Pada 14 Februari 1924, CTR berganti nama menjadi International Business Machines Corporation (IBM).
    [Show full text]
  • The Meadoword, March 2013
    March 2013 Volume 31, Number 3 The To FREE Meadoword MeaThe doword PUBLISHED BY THE MEADOWS CO mm UNITY ASSO C IATION TO PROVIDE INFOR M ATION AND EDU C ATION FOR MEADOWS RESIDENTS MANASOTA, MANASOTA, FL U.S. POSTAGE PRESORTED STANDARD PERMIT 61 PAID 2 The Meadoword • March 2013 If you will be away from home MCA BOARD Notes From the for more than a weekend… OF DIRECTORS Please let Safety Patrol know how they can reach you Ginny Coveney, President President’s in case of an emergency. Bob Friedlander, Vice President Dr. Bill Grubb, Treasurer Call 809-0084 Bill Hoegel, Secretary Joy Howes Desk Jo Evans By Ginny Coveney—MCA President John Spillane Safe Travels! Dr. Harry Shannon This is my last column as president If the Club is unable to get a Marvin Glusman of the MCA. I have really enjoyed my mortgage, they will not be able to get other one year as your first woman president. financing. This is a tough time, and the COMMITTEES Sarasota County Since I have completed six years on the community needs to be responsible. As Assembly of Property Owners board, I have termed out. I want to thank I always say, “Remember this is YOUR Claire Coyle, Chairperson all of you for your support and kind community.” I’m sure that everyone Call Center Marvin Glusman, Liaison words. It is my hope that I was able to wishes to keep our community where we Residents have easy Budget and Finance bring more understanding of what the live and play the best that it is today.
    [Show full text]
  • IBM I2 Enterprise Insight Analysis: Deployment Guide
    Version 2 Release 3 IBM i2 Enterprise Insight Analysis Deployment guide IBM SC27-5091-00 Note Before using this information and the product it supports, read the information in “Notices” on page 67. This edition applies to version 2, release 3, modification 2 of IBM® i2® Enterprise Insight Analysis (product number 5725-G23) and to all subsequent releases and modifications until otherwise indicated in new editions. Ensure that you are reading the appropriate document for the version of the product that you are using. To find a specific version of this document, access the Installing and Deploying section of the IBM Knowledge Center, and ensure that you select the correct version. © Copyright International Business Machines Corporation 2016, 2020. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Contacting IBM Support....................................................................................1 Deployment types.............................................................................................3 Creating an example deployment...................................................................... 5 Creating an example with the Information Store................................................................................. 5 Creating an example with the Information Store and the i2 Connect gateway.................................. 6 Creating an example with the i2 Connect gateway.............................................................................
    [Show full text]
  • Early Language and Compiler Developments at IBM Europe: a Personal Retrospection
    Early Language and Compiler Developments at IBM Europe: A Personal Retrospection Albert Endres, Sindelfingen/Germany Abstract : Until about 1970, programming languages and their compilers were perhaps the most active system software area. Due to its technical position at that time, IBM made significant con- tributions to this field. This retrospective concentrates on the two languages Algol 60 and PL/I, be- cause with them compiler development reached an historical peak within IBM’s European labora- tories. As a consequence of IBM’s “unbundling” decision in 1969, programming language activity within IBM’s European laboratories decreased considerably, and other software activities were ini- tiated. Much knowledge about software development was acquired from this early language activ- ity. Some of the lessons learned are still useful today. Introduction For many of us, compiler construction was the first encounter with large software projects. This was certainly the case at IBM during the time period considered here. IBM’s contribution to the history of both programming languages and compiler technology are known and well documented. I like to refer to Jean Sammet [Samm81] for a general discussion and to John Backus [Back78] and George Radin [Radi78] for the history of FORTRAN and PL/I, respec- tively. A survey of compiler technology in IBM is given by Fran Allen [Alle81]. With this paper, I intend to complement the reports cited above by adding some information that is not available in the academic literature. I will concentrate on contributions made by IBM’s European development laboratories, an organization I was associated with during the major part of my career.
    [Show full text]
  • Software Engineer/Infrastructure Specialist
    Software E nginee r/Infrastr ucture Specialist - P lacement Y e ar Humzah D epep a rtmenrtmen t o f Physicic s,s, L o ugug h b orouou g h Univiv ersisi t y About IBM Projects And Opportunities Skills Developed IBM (International Business Machines) is an American multinational information technology company, with operations in over 170 countries. IBM produces and sells • IBM-Zypper, worked on package manager responsible for automating the repositories for • Problem solving and analytical skills - used daily when working on hardware, middleware and software as well as provides hosting and consulting services all versions of SLES (SLES 15 in particular) across multiple architectures. systems. in areas ranging from mainframe computers to nanotechnology. Also as a major • HCDC Dashboard, updated layout of the dashboard to be more representative of the • Public speaking - giving department presentations. research organization, IBM holds the current record for most U.S. patents generated room's layout. by a business and has done so for 26 consecutive years. Some inventions by IBM • Communication - interacting with clients and colleagues through various include the automated teller machine (ATM), the hard disk drive, the magnetic stripe • Department presentation, I had the opportunity to present a refresher course on SQL mediums of communication. we see on cards, the SQL (Structured Query Language) programming language as well (Structured Query Language) as part of a group of three placement students, to colleagues • Time management - working on various projects alongside my core role. as the UPC (Universal Product Code) barcode.[1] of my department. • Teamwork - working with other colleagues and placement students from var- • macOS, I became the first Placement student to provide infrastructure support for over ious departments.
    [Show full text]
  • Top of the Class
    Step into HampshireHampshirea guide for teachers HampshireHampshire LivingLiving a guide for teachers A guide for teachers HampshireHampshire Top of the class www.educationjobs.hants.gov.uk www.hants.gov.uk Hampshire: Top of the class 1 Introduction The best things about Hampshire From its rolling green hills to its wild open coastline, Hampshire has something to captivate everybody’s interest. The county has several 1. All you can eat 5. Is it a kind of dream? world-famous visitor The pretty Hampshire town The North Wessex Downs, an attractions. These include of Stockbridge lies midway between Area of Outstanding Natural the New Forest’s Exbury Andover and Romsey and is often referred Beauty in the Hampshire countryside, Gardens, Beaulieu to as the “foodie capital of Hampshire”. It is was the inspiration for the classic National Motor Museum known for its excellent choice of eateries, adventure novel by Richard Adams, and Paultons Park, home annual food festival “Trout ‘n About” and Watership Down, a timeless story about of Peppa Pig World and superb fishing along the River Test. the search for a safe home. Portsmouth’s Historic Hampshire’s unique rural Cathedral and Great Hall, Dockyard. Whether it’s beauty is showcased within Southampton’s links with a day at a theme park or Home is where I declare after the region’s two National RMS Titanic to Portsmouth’s a stroll along the decks 2. the Hart is all there is no Parks, country parks of Admiral Lord Nelson’s 6. naval heritage. Hart, a small sleepy district nestled in the enjoyment like reading! and picturesque villages.
    [Show full text]
  • Tenant Voice with Lots of Ideas to Help You Get Get Walking out and About to Make the Most of Our Beautiful Region
    Bid for funding Focus on New look for for your the village sheltered housing neighbourhood of Hursley common rooms INSIDE TENANT Issue 9 VOICE Spring/Summer 2019 Make the most of Winchester’s stunning scenery on foot Ideas for springtime strolls on page 4 Help to understand Universal Credit WIN and get online see pages 8 and 9 a free family swim pass at Riverside Leisure Centre See back page Produced in partnership with Winchester City Council tenants and leaseholders INSIDE Welcome… Thanks to the warmer weather and spring flowers, Winchester is literally bursting into News in brief bloom at the moment. It’s a great time of year to explore the city and surrounding page 3 districts, so we’ve packed this issue of Tenant Voice with lots of ideas to help you get Get walking out and about to make the most of our beautiful region. Don’t forget to let us know page 4 your ideas for local walks or activities that we can share with readers in our next issue (please drop us a line using the contact details on the back cover). Thank you to Spotlight on Hursley everyone who returned the Tenant Information Form, please can you return the form if page 5 you haven’t already done so. Property Services pages 6 and 7 Tenants And Council Together Need a hand to get online? page 8 TACT update from Monica Gill Universal Credit explained page 9 We formed TACT to provide a platform for tenants to work with the Council to help The benefits of downsizing improve the housing service for everyone.
    [Show full text]
  • Newcomers' Welcome Pack
    Newcomers’ Welcome Pack If you would like someone from the Hursley Village Community Association to get in contact personally to talk about the village or introduce you to a few neighbours over a cup of tea (or similar) contact the HVCA (see page 2). We don’t want to be pushy but we do want you to feel welcome! Welcome to your new home and community! Contents Introduction to key groups in the village 2 Hursley Village Community Association 2 The Church: All Saints’ (Church of England) 2 The School: John Keble Primary School 3 The Parish Council 4 The Parish Hall 4 The Shops 4 The Pubs 5 A brief history of Hursley 6 Things you might want to get involved with 9 Annual Calendar of Events 9 The Annual Newcomers Lunch hosted by the HVCA 9 Clubs and Associations 10 Keeping updated 11 Some useful local contacts 12 Some travel directions 14 Note: Not everything in this pack is entirely up-to-date or complete but it should point you in the right direction. If you find something in error, or have constructive suggestions, please contact Steve Powell (9 Heathcote Place, or [email protected]) with comments. Welcome Pack Introduction to key groups in the village Hursley Village Community Association CHAIRMAN: Richard Baker (01962 775469) EMAIL: [email protected] Hursley Village Community Association (HVCA) was formed in April 2014 and is intended to be a way of bringing together people of all ages, interests and backgrounds to work in a community-spirited, non-political way. Hursley village is a great place to live.
    [Show full text]
  • Silver Squelchers Twenty Eight
    Silver Squelchers Twenty Eight Presented September 2015 by Charles Savoie Miscellaneous Members of The Pilgrims Society Part III ***** Including ***** Awful Roosevelts & Some of Their British Pilgrims Pals in London “The Pilgrims Society is in a flourishing condition on this side of the Atlantic and in New York.” ---The Times, London, July 15, 1911, page 6 “The activities of what has been identified as the most powerful international society on earth, the "Pilgrims," are so wrapped in silence that few know even of its existence since 1903.” page 8, “The Empire of The City” (1946, E.C. Knuth). The Pilgrims theme music? “He spoke openly against the Society” (Line from “The Rifleman,” March 3, 1963) 1) Stephen Sycle Lash (1940---: Pilgrims by 2014; very likely by mid-1990s) married the great granddaughter of the man who founded Lehman Brothers in 1856. The Lehmans became related by marriage to the much bigger Vanderbilts (Pilgrims Society) and the smaller Morgenthaus (Pilgrims Society), of the same family as Franklin Roosevelt’s Treasury Secretary who stole gold and silver from Americans starting in March 1933 (gold) and August 1934 (silver)! Robert Lehman was in The Pilgrims 1969, with the Lehman firm and a director of large corporations. When Lehman went bust in 2008, I suggest the family had positioned in advance to preserve their wealth, along with other Pilgrims members---and the same in London with Baring Bank collapse. Another big rich connection that can’t be unnoticed is the eight years Lash spent in London under Pilgrims Society member Sir Siegmund Warburg and his son George S.
    [Show full text]
  • March 2011 Perspective
    Perspective – March 2011 The Newsletter of the IBM Hursley Retirees’ Club EX CATHEDRA By the time this edition of Perspective “hits the streets” the trips for 2011 will have been announced at March’s AGM. Your Committee hopes we have the balance about right but always welcomes suggestions for consideration as part of the 2012 cycle. In the last issue of Perspective I issued an invitation (or was it a challenge!) to any single issue group willing to organise an outing. The nearest there is this year is Goodwood’s Festival of Speed in July, we hope of special interest to at least one coach of enthusiasts. Let’s see some applications from members willing to do just a little “leg work” for another specialist group. So please don’t hesitate to bring a proposal to the Committee. As I’ve said before, there are just a few commonsense rules: activities must be open to all IBM Club Members and the subsidy must not exceed 50% of cost. A member of the committee will work with you to bring your proposal to the Committee and notice of the event can be included in the next paper mailing to all members of the Club or for a faster response, the email service can bring your idea to a readership now exceeding 600. We’re able to fund at least two additional events this year. The funds are there waiting for your ideas. Martin Hughes Chairman AGM and the New Committee Martin Hughes, Chairman, welcomed around 150 retirees to the AGM held at Hursley on 8 March 2011.
    [Show full text]
  • Old Times at Otterbourne
    Old Times At Otterbourne By Charlotte M. Yonge Old Times At Otterbourne. Not many of us remember Otterbourne before the Railroad, the Church, or the Penny Post. It may be pleasant to some of us to try to catch a few recollections before all those who can tell us anything about those times are quite gone. To begin with the first that is known about it, or rather that is guessed. A part of a Roman road has been traced in Otterbourne Park, and near it was found a piece of a quern, one of the old stones of a hand mill, such as was used in ancient times for grinding corn; so that the place must have been inhabited at least seventeen hundred years ago. In the last century a medallion bearing the head of a Roman Emperor was found here, sixteen feet beneath the surface. It seems to be one of the medallions that were placed below the Eagle on the Roman Standards, and it is still in the possession of the family of Fitt, of Westley. After the Roman and British times were over, this part of the country belonged to Wessex, the kingdom of the West Saxons, of which Winchester was the capital. Lying so near the chief town, which was the Bishop’s throne, this place was likely soon to be made into a parish, when Archbishop Theodore divided England in dioceses and parishes, just twelve hundred years ago, for he died 690. The name no doubt means the village of the Otters, and even now these creatures are sometimes seen in the Itchen, so that no doubt there were once many more of them.
    [Show full text]